diff options
author | Bernhard Posselt <nukeawhale@gmail.com> | 2013-09-02 14:09:33 +0200 |
---|---|---|
committer | Bernhard Posselt <nukeawhale@gmail.com> | 2013-09-02 14:09:33 +0200 |
commit | 7a50fcebe62581614f6e5441f11adbc314d465ac (patch) | |
tree | 9efc70267f0919a7326ae0189e0398c1745a9202 /middleware | |
parent | 358b3445c647f94373023f669e1b7620bc983d71 (diff) |
trying to fix cors
Diffstat (limited to 'middleware')
-rw-r--r-- | middleware/corsmiddleware.php | 10 |
1 files changed, 9 insertions, 1 deletions
diff --git a/middleware/corsmiddleware.php b/middleware/corsmiddleware.php index 8e4c5b4a0..ef9fe2e5a 100644 --- a/middleware/corsmiddleware.php +++ b/middleware/corsmiddleware.php @@ -24,12 +24,20 @@ namespace OCA\News\Middleware; +use OCA\AppFramework\Http\Request; use OCA\AppFramework\Http\Response; use OCA\AppFramework\Middleware\Middleware; use OCA\AppFramework\Utility\MethodAnnotationReader; + class CORSMiddleware extends Middleware { + private $request; + + public function __construct(Request $request) { + $this->request = $request; + } + /** * This is being run after a successful controllermethod call and allows @@ -44,7 +52,7 @@ class CORSMiddleware extends Middleware { public function afterController($controller, $methodName, Response $response){ $annotationReader = new MethodAnnotationReader($controller, $methodName); if($annotationReader->hasAnnotation('API')) { - $response->addHeader('Access-Control-Allow-Origin', '*'); + $response->addHeader('Access-Control-Allow-Origin', $request->server['Origin']); $response->addHeader('Access-Control-Allow-Credentials', 'true'); } return $response; |